Topic Last Modified: 2011-03-02

This test topology used a split-brain DNS configuration; that is, the parent DNS namespace was contoso.com, but resolution records for internal and external users were managed separately. This configuration allows for advertising a single URL for any specific Lync Server service while maintaining separate servers and routes to access those services for internal and external users.

DNS and DNS load balancing were deployed according to Microsoft best practices. For details, see DNS Requirements for Front End Pools, DNS Requirements for Automatic Client Sign-In, Determining DNS Requirements, and DNS Load Balancing in the Planning documentation.

Windows DNS can handle all DNS responsibilities for Lync Server services; however, in this case we used the F5 Global Traffic Manager (GTM) for more granular site awareness and load distribution.

Windows DNS was authoritative for contoso.com for both internal and external user resolution. Service names (such as pool1 for HTTPS requests) needing global load balancing were delegated to the GTMs so that Windows DNS could maintain ownership of the overall contoso.com namespace but GTM could also load balance what was needed. In this case, we used the GTM to manage resolution records for HTTPS access; however, this approach can be expanded to cover records for other services as well.

The following lists provide a configuration snapshot of both the internal and external DNS servers that were used in our testing.

External Windows DNS

  • Windows DNS is used, and is authoritative for the contoso.com zone.

  • ap.contoso.com points to the external network interface of the Access Edge service.

  • webconf.contoso.com points to the external network interface of the Web Conferencing Edge service.

  • avedge.contoso.com points to the external network interface of the A/V Edge service.

  • The wip.contoso.com zone is delegated to a Global Server Load Balancer system, in this case, the F5 GTM.

  • proxy.contoso.com is CNAMEd to proxy.wip.contoso.com, thus granting GTM the resolution and load balancing responsibilities.

  • proxy.wip.contoso.com is configured on the GTM to load balance users to the HTTP reverse proxies.

Internal Windows DNS

  • Windows DNS is used, and is authoritative for the contoso.com zone.

  • The wip.contoso.com zone is delegated to a Global Server Load Balancer system, in this case the F5 GTM.

  • webpool1.contoso.com is CNAMEd to webpool1.wip.contoso.com, thus granting GTM the resolution and load balancing responsibilities.

  • webpool1.wip.contoso.com is configured on the GTM to load balance users to the Front End VIPs of the load balancers.